westdc-zf1/application/default/controllers/ReviewController.php


<?php
/**
* ReviewController
*
* @description 元数据评审控制器
* @version 2012/1/13 15:42
* @category Controller
* @package ReviewController
*/
class ReviewController extends Zend_Controller_Action
{
/** @var int Rows per page used by the paginated list actions. */
private $limit = 10;

/**
 * Per-request setup that runs before the action: hands the registry's
 * config and the pending flash messages to the view, and keeps the
 * registry's database handle and the FlashMessenger helper on the
 * controller for the actions to use.
 */
function preDispatch()
{
    $registryConfig = Zend_Registry::get('config');
    $this->view->config = $registryConfig;

    $this->db = Zend_Registry::get('db');

    $flash = $this->_helper->getHelper('FlashMessenger');
    $this->messenger = $flash;
    $this->view->messages = $flash->getMessages();
}
/**
 * Metadata review landing page.
 *
 * Loads the ten most recent records for each review stage plus a row of
 * counters. None of the statements takes request input.
 */
function indexAction()
{
    $db = $this->db;
    $view = $this->view;

    // Ten most recently received submissions (status 0)
    $view->mdreceived = $db->fetchAll(
        "select m.uuid,m.title,date(s.ts_created) as ts_created from mdstatus s right join metadata m on m.uuid=s.uuid where s.status=0 order by s.ts_created desc limit 10"
    );

    // Ten most recently accepted records (status 1)
    $view->mdaccepted = $db->fetchAll(
        "select m.uuid,m.title,s.ts_accepted from mdstatus s right join metadata m on m.uuid=s.uuid where s.status=1 order by s.ts_created desc limit 10"
    );

    // Ten most recent records under review (status 2, 3 or 4)
    $view->mdinreview = $db->fetchAll(
        "select m.uuid,m.title,s.ts_accepted from mdstatus s right join metadata m on m.uuid=s.uuid where s.status in (2,3,4) order by s.ts_created desc limit 10"
    );

    // Ten most recent records whose review is finished (status 5)
    $view->mdreviewed = $db->fetchAll(
        "select m.uuid,m.title,s.ts_accepted from mdstatus s right join metadata m on m.uuid=s.uuid where s.status=5 order by s.ts_created desc limit 10"
    );

    // Counters: experts, records per stage, open reviews and distinct reviewers
    $counters = "select (select count(*) from mdexperts) as experts,(select count(*) from mdstatus where status=0) as draft,(select count(*) from mdstatus where status=1) as accept,(select count(*) from mdstatus where status in (2,3,4)) as inreview,(select count(*) from mdstatus where status=5) as reviewed,(select count(*) from mdreview) as openreview,(select count(distinct(userid)) from mdreview) as openreviewuser";
    $view->stat = $db->fetchRow($counters);
}// metadata review landing page
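/**
 * Lists the metadata records the logged-in user takes part in reviewing,
 * either as an invited expert (mdexpertreview) or as an open reviewer
 * (mdreview). Anonymous visitors are redirected to the login page.
 *
 * Request parameter: page (int, 1-based).
 */
function myreviewAction(){
    $this->view->pageID = "review-myreview";
    $auth = Zend_Auth::getInstance();
    if(!$auth->hasIdentity())
    {
        $this->_redirect('/account/login/?href=/review/myreview');
        // _redirect() normally ends the request; return as well so that no
        // query can run without a user id if that behaviour is switched off.
        return;
    }
    $uid = $auth->getIdentity()->id;

    // Clamp to page 1: a negative page would otherwise yield a negative OFFSET.
    $page = (int)$this->_request->getParam('page');
    if ($page < 1) $page = 1;
    $offset = $this->limit*($page-1);

    // The user id is bound as a parameter instead of being spliced into the SQL text.
    $row = $this->db->fetchAll(
        "select count(s.*) from mdstatus s left join normalmetadata m on s.uuid=m.uuid where m.uuid in (select uuid from mdexpertreview er where er.id=? union select uuid from mdreview r where r.userid=?)",
        array($uid,$uid)
    );
    $sum = $row[0]['count'];

    $sql = "select m.uuid,m.title,m.id,m.description,s.status,s.ts_accepted,s.ts_finished,g.id as gid,t.filename from mdstatus s left join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where m.uuid in (select uuid from mdexpertreview er where er.id=? union select uuid from mdreview r where r.userid=?) order by s.ts_created desc,m.title limit ? offset ?";
    $records = $this->db->fetchAll($sql,array($uid,$uid,$this->limit,$offset));

    // Attach the human-readable status label to every row.
    foreach($records as $k=>$v)
    {
        $records[$k]['statustext'] = $this->rewritestatus($v['status']);
    }
    $this->view->metadata = $records;
    $this->view->page = new Pagination($sum,$page,$this->limit);
}// reviews I take part in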
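/**
 * Lists newly received metadata: rows whose mdstatus.status is 0.
 *
 * Request parameter: page (int, 1-based).
 */
function draftAction(){
    $this->view->pageID = "review-draft";

    // Clamp to page 1: a negative page would otherwise yield a negative OFFSET.
    $page = (int)$this->_request->getParam('page');
    if ($page < 1) $page = 1;
    $offset = $this->limit*($page-1);

    $row = $this->db->fetchAll("select count(s.*) from mdstatus s right join metadata m on s.uuid=m.uuid where s.status in (0)");
    $sum = $row[0]['count'];

    $sql = "select m.uuid,m.title,m.id,m.description,s.status,s.ts_created,g.id as gid,t.filename from mdstatus s right join metadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status in (0) order by s.ts_created desc,m.title limit ? offset ?";
    $this->view->metadata = $this->db->fetchAll($sql,array($this->limit,$offset));
    $this->view->page = new Pagination($sum,$page,$this->limit);
}// newly received metadata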
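/**
 * Lists metadata accepted into review: rows whose mdstatus.status is 1.
 *
 * Request parameter: page (int, 1-based).
 */
function acceptAction(){
    $this->view->pageID = "review-accept";

    // Clamp to page 1: a negative page would otherwise yield a negative OFFSET.
    $page = (int)$this->_request->getParam('page');
    if ($page < 1) $page = 1;
    $offset = $this->limit*($page-1);

    $row = $this->db->fetchAll("select count(s.*) from mdstatus s right join normalmetadata m on s.uuid=m.uuid where s.status in (1)");
    $sum = $row[0]['count'];

    $sql = "select m.uuid,m.title,m.id,m.description,s.status,s.ts_accepted,g.id as gid,t.filename from mdstatus s right join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status in (1) order by s.ts_created desc,m.title limit ? offset ?";
    $this->view->metadata = $this->db->fetchAll($sql,array($this->limit,$offset));
    $this->view->page = new Pagination($sum,$page,$this->limit);
}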
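/**
 * Lists metadata currently under review: rows whose mdstatus.status is 2, 3 or 4.
 *
 * Request parameter: page (int, 1-based).
 */
function inreviewAction(){
    $this->view->pageID = "review-inreview";

    // Clamp to page 1: a negative page would otherwise yield a negative OFFSET.
    $page = (int)$this->_request->getParam('page');
    if ($page < 1) $page = 1;
    $offset = $this->limit*($page-1);

    $row = $this->db->fetchAll("select count(s.*) from mdstatus s right join normalmetadata m on s.uuid=m.uuid where s.status in (2,3,4)");
    $sum = $row[0]['count'];

    $sql = "select m.uuid,m.title,m.id,m.description,s.status,s.ts_accepted,g.id as gid,t.filename from mdstatus s right join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status in (2,3,4) order by s.ts_created desc,m.title limit ? offset ?";
    $this->view->metadata = $this->db->fetchAll($sql,array($this->limit,$offset));
    $this->view->page = new Pagination($sum,$page,$this->limit);
}// metadata in the review stage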
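/**
 * Lists metadata that has passed review: rows whose mdstatus.status is 5.
 *
 * Request parameter: page (int, 1-based).
 */
function reviewedAction(){
    $this->view->pageID = "review-reviewed";

    // Clamp to page 1: a negative page would otherwise yield a negative OFFSET.
    $page = (int)$this->_request->getParam('page');
    if ($page < 1) $page = 1;
    $offset = $this->limit*($page-1);

    $row = $this->db->fetchAll("select count(s.*) from mdstatus s left join normalmetadata m on s.uuid=m.uuid where s.status in (5)");
    $sum = $row[0]['count'];

    $sql = "select m.uuid,m.title,m.id,m.description,s.status,s.ts_finished,g.id as gid,t.filename from mdstatus s left join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status in (5) order by s.ts_created desc,m.title limit ? offset ?";
    $this->view->metadata = $this->db->fetchAll($sql,array($this->limit,$offset));
    $this->view->page = new Pagination($sum,$page,$this->limit);
}// metadata whose review is finished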
/**
 * Maps a review status code to its display label.
 *
 * The comparison is loose (switch compares like ==), so numeric strings
 * coming straight from the database match as well.
 *
 * @param int|string $status review status code
 * @return string label for the code, or an empty string for an unknown code
 */
function rewritestatus($status){
    switch ($status) {
        case -1:
            return "取消评审";
        case 0:
            return "投稿元数据";
        case 1:
            return "接收元数据";
        case 2:
        case 3:
            // both codes are shown as "under expert review"
            return "专家评审中";
        case 4:
            return "专家反馈";
        case 5:
            return "已发布";
        default:
            return "";
    }
}// function rewritestatus
/**
 * Removes every double and single quote character from submitted text.
 *
 * NOTE(review): this strips quotes and nothing else. It does not escape
 * HTML (< > & pass through) and it is not a substitute for bound
 * parameters, so callers still have to escape on output and bind on query.
 *
 * @param string $string text submitted through a form
 * @return string the text with all " and ' characters removed
 */
function replace($string){
    $quoteChars = array('"', "'");
    return str_replace($quoteChars, '', $string);
}
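/**
 * Review page for one metadata record.
 *
 * Loads the record named by the uuid request parameter and, for a
 * logged-in user, that user's own review of it (if any) for the view.
 */
function reviewAction() {
    $uuid = $this->_request->getParam('uuid');
    $sql = "select m.id,m.uuid,m.title,m.description,m.title_en,r.status from metadata m
        left join mdstatus r on r.uuid=m.uuid
        where m.uuid=?";
    $md = $this->db->fetchRow($sql,array($uuid));
    $this->view->metadata = $md;

    $auth = Zend_Auth::getInstance();
    if($auth->hasIdentity())
    {
        $user = $auth->getIdentity();
        $userid = $user->id;
        // uuid is request input: bind both values rather than interpolating
        // them into the statement, which allowed SQL injection through uuid.
        $rs = $this->db->query(
            "select * from mdreview where userid=? and uuid=?",
            array($userid,$uuid)
        );
        $this->view->review = $rs->fetch();
    }
}// reviewAction()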
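/**
 * Lists all review comments for one metadata record (AJAX).
 *
 * Request parameters: uuid (the record shown on the review page) and page.
 * Echoes an HTML fragment: the list of comments, five per page, followed by
 * the pagination markup rendered with review/pagination_ajax.phtml.
 *
 * Reviewer names and comment text are user-supplied and are HTML-escaped
 * before being written into the fragment.
 */
function allreviewAction(){
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender();
    $uuid = $this->_request->getParam('uuid');

    // uuid is request input: it is bound as a parameter, not spliced into the SQL.
    $sql = "select r.id,r.is_expert,r.uuid,r.userid,r.ts_created,u.username,r.mdcomment,r.conclusion,ratt.reviewid from mdreview r
        left join users u on u.id=r.userid
        left join mdreviewattach ratt on r.id=ratt.reviewid
        where r.uuid=? and r.status>-1
        group by r.id,r.is_expert,r.uuid,r.userid,r.ts_created,u.username,r.mdcomment,r.conclusion,ratt.reviewid
        order by r.id desc
        ";
    $rs = $this->db->query($sql,array($uuid));
    $rows = $rs->fetchAll();

    $paginator = Zend_Paginator::factory($rows);
    $paginator->setCurrentPageNumber($this->_getParam('page'));
    $paginator->setItemCountPerPage(5);
    $paginator->setView($this->view);
    Zend_View_Helper_PaginationControl::setDefaultViewPartial('review/pagination_ajax.phtml');

    $list = "";
    foreach($paginator as $k=>$v)
    {
        // The id ends up inside an onclick handler and an element id; force it to an integer.
        $reviewId = (int)$v['id'];
        // Escape before inserting the paragraph tags, so only our own markup is live.
        $comment = htmlspecialchars((string)$v['mdcomment'], ENT_QUOTES, 'UTF-8');
        $comment = str_replace(array("\r\n", "\n", "\r"),'</p><p>',$comment);

        $list.='
<li>
<div class="reviewitem">
<div class="itemtitle">评审人:';
        if(!$v['is_expert'])
        {
            $list .= htmlspecialchars((string)$v['username'], ENT_QUOTES, 'UTF-8');
        }else
        {
            // expert reviewers are shown anonymously
            $list.= '专家';
        }
        $list .= '</div><div class="itemtime">';
        if($v['reviewid']!="")
        {
            $list.='[<a href="javascript:;" onclick="checkfiles(\''.$reviewId.'\')">查看评审附件</a>]&nbsp;&nbsp;';
        }
        $list .='
评审时间:'.date("Y-m-d H:i",strtotime($v['ts_created'])).'</div>
<div class="itemcontent"><p>'.$comment.'</p></div>
<div id="filelist_'.$reviewId.'" class="filelist"></div>
</div>
</li>
';
    }
    if(empty($list))
    {
        $list="<p style='text-align:center'>暂无评审数据</p>";
    }
    $stringbuffer = "<ul class='reviewlist'>$list</ul>";
    echo $stringbuffer.'<div class="paginator">'.$paginator.'</div>';
}// allreviewAction(): all review comments (AJAX)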
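/**
 * Saves a review as a draft or submits it (AJAX); echoes an HTML status fragment.
 *
 * Request parameters:
 *  - do:            "submit" stores the review with status 0, anything else stores a draft (status -1)
 *  - conclusion:    overall verdict, one of -1, 1, 2, 3
 *  - mdcomment:     comment on the metadata (required)
 *  - datacomment:   comment for the data centre
 *  - editorcomment: comment for the metadata author
 *  - atts[]:        (POST) ids of attachments to link to the review
 *  - uuid:          UUID of the metadata record
 *
 * A submitted review posts a message for the administrators and sends a
 * notification e-mail. Attachments that were uploaded but never linked to a
 * submitted review are not cleaned up here.
 *
 * NOTE(review): this action changes state and shows no anti-CSRF token check;
 * confirm whether one is enforced elsewhere.
 */
function saveAction(){
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender();
    $do = $this->_request->getParam('do');
    $conclusion = $this->_request->getParam('conclusion');
    // replace() only strips quote characters; it neither escapes HTML nor makes
    // the text safe for SQL, so every value below is quoted or bound explicitly.
    $mdcomment = $this->replace(trim($this->_request->getParam('mdcomment')));
    $datacomment = $this->replace(trim($this->_request->getParam('datacomment')));
    $editorcomment = $this->replace(trim($this->_request->getParam('editorcomment')));
    $uuid = $this->_request->getParam('uuid');

    $sql=$this->db->quoteInto("select m.id,m.uuid,m.title,m.description,m.title_en,r.status from metadata m
        left join mdstatus r on r.uuid=m.uuid
        where m.uuid=?",$uuid);
    $md = $this->db->fetchRow($sql);
    if($md && $md['status']>4)
    {
        echo '<div class="box box-info">该数据已经通过评审,不能再发表评审意见,如需提交问题,请联系数据管理员</div>';
        exit();
    }
    // An unknown uuid takes this branch as well, as it did before.
    if(!$md || $md['status']<1)
    {
        echo '<div class="box box-info">已被数据中心接收的数据才可以进行评审</div>';
        exit();
    }

    $auth = Zend_Auth::getInstance();
    if(!$auth->hasIdentity())
    {
        echo '<div class="box box-info">读取用户信息失败,请刷新页面后重试 :(</div>';
        exit();
    }
    $user = $auth->getIdentity();
    $userid = $user->id;
    // Bound parameters: uuid is request input.
    $rs = $this->db->query(
        "select id,userid,status from mdreview where userid=? and uuid=?",
        array($userid,$uuid)
    );
    $row = $rs->fetch();
    if($row && $row['id']!='' && $row['status']>-1)
    {
        echo '<div class="box box-info">您已经对该元数据发表过评审了</div>';
        exit();
    }

    if(empty($conclusion))
    {
        echo '<div class="box box-info">请选择评审意见</div>';
        exit();
    }
    // Exact match against the allowed verdicts. is_numeric() plus a loose
    // in_array() also let through values such as "1e0" or "1.0".
    if(!is_scalar($conclusion) || !in_array((string)$conclusion,array('-1','1','2','3'),true))
    {
        echo '<div class="box box-info">参数有误,请刷新页面 :(</div>';
        exit();
    }
    $conclusion = (int)$conclusion;
    if(empty($mdcomment) )
    {
        echo '<div class="box box-info">请填写元数据意见 :(</div>';
        exit();
    }

    try{
        // An earlier draft of this user exists: remove it before storing the new one.
        if($row && $row['status']<0)
        {
            $deleted = $this->db->delete('mdreview',$this->db->quoteInto('id=?',$row['id']));
            if($deleted<1)
            {
                echo '<div class="box box-error">处理出错,请重试</div>';
                exit();
            }
        }

        $data = array(
            'userid' => $userid,
            'uuid' => $uuid,
            'mdcomment' => $mdcomment,
            'ts_created' => 'now()', // sent as the quoted string 'now()', as before
            'datacomment' => $datacomment,
            'editorcomment' => $editorcomment,
            'conclusion' => $conclusion,
            'status' => -1
        );
        if($do=='submit')
        {
            $data['status'] = 0;
        }

        // Reviews written by an invited expert are flagged as such.
        $rs = $this->db->query(
            "select id from mdexpertreview where id=? and uuid=?",
            array($userid,$uuid)
        );
        $expert = $rs->fetch();
        if($expert && $expert['id']!='')
        {
            $data['is_expert'] = 'true';
        }

        // Quote every value through the adapter. Wrapping the raw values in
        // '...' by hand left the statement open to SQL injection.
        $quoted = array();
        foreach ($data as $v)
        {
            $quoted[] = $this->db->quote($v);
        }
        $keys = join(",",array_keys($data));
        $values = join(",",$quoted);
        $sql = "insert into mdreview ($keys) values ($values) RETURNING id";
        $sth = $this->db->prepare($sql);
        if($sth->execute())
        {
            $review = $sth->fetch(PDO::FETCH_ASSOC);
            $reviewid=$review['id'];
            if(isset($_POST['atts']))
            {
                // Attachment ids come straight from the POST body: insert them
                // through bound parameters and skip anything that is not a scalar.
                // NOTE(review): nothing here checks that the attachment belongs
                // to the current user - confirm where that is enforced.
                foreach((array)$_POST['atts'] as $v)
                {
                    if(!is_scalar($v))
                    {
                        continue;
                    }
                    $this->db->insert('mdreviewattach',array(
                        'attachid' => $v,
                        'reviewid' => $reviewid
                    ));
                }
                // NOTE(review): the success box is only printed when atts was
                // posted; kept as is, but it looks unintended.
                echo '<div class="box box-success">保存成功!';
                echo "</div>";
            }
            if($data['status']>=0)
            {
                echo '<script>$("#postcomment").remove();</script>';
                $title = "收到新元数据评审意见";
                // The message body is HTML (it carries a link), so the user name
                // and the record title are escaped before being embedded.
                $safeUser = htmlspecialchars((string)$user->username, ENT_QUOTES, 'UTF-8');
                $safeTitle = htmlspecialchars((string)$md['title'], ENT_QUOTES, 'UTF-8');
                $msg = "用户".$safeUser."对元数据《".$safeTitle."》发布了评审意见,<a href=\"/admin/review/comments/ac/view/id/".$reviewid."\">点击查看</a>";
                include_once("message.php");
                message::post($this->db,0,-1,$title,$msg);

                $mail=new WestdcMailer($this->view->config->smtp);
                $mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
                if(isset($data['is_expert']) && $data['is_expert']=='true')
                {
                    $mailtp=new EmailText($this->db,"review-expert-comment",array(
                        'user' => $user->username,
                        'uuid' => $uuid,
                        'title'=> $md['title'],
                        'content' => $mdcomment
                    ));
                    $mail->setBodyText($mailtp->getBody());
                    $mail->setSubject($mailtp->getSubject());
                    $mail->addTo($this->view->config->service->email); // administrators' mailbox
                }else{
                    $mailtp=new EmailText($this->db,"review-post-comment",array(
                        'user' => $user->username,
                        'uuid' => $uuid,
                        'title'=> $md['title'],
                        'content' => $mdcomment
                    ));
                    $mail->setBodyText($mailtp->getBody());
                    $mail->setSubject($mailtp->getSubject());
                    $sql="select distinct(res.email) from responsible res left join role r on res.id=r.resid where r.role in ('author','resourceProvider') and r.uuid=?";
                    $rows=$this->db->fetchAll($this->db->quoteInto($sql,$uuid));
                    foreach($rows as $recipient)
                    {
                        $mail->addTo($recipient['email']); // metadata authors
                    }
                    $mail->addCc($this->view->config->service->email); // administrators
                }
                $mail->send();
            }
        }else{
            echo '<div class="box box-error">保存出错,请稍后再试!</div>';
            exit();
        }
    }catch (Exception $e){
        echo '<div class="box box-error">保存失败,请重试!</div>';
        exit();
    }
}// saveAction: save draft / submit (AJAX)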
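/**
 * Searches reviewed metadata whose title or description contains the keyword.
 *
 * Request parameters: q (keyword) and page (int, 1-based).
 */
function searchAction()
{
    $key=$this->_request->getParam('q');
    if(is_string($key))
    {
        // Neutralise markup and quote characters in the keyword:
        // < and > become entities, ' is dropped, " becomes a typographic quote.
        $key=str_replace(
            array('<','>',"'",'"'),
            array('&lt;','&gt;','','”'),
            $key
        );
    }
    if (empty($key)) {
        return;
    }

    $search=new SimpleSearch($key);
    // NOTE(review): $where is concatenated into both statements below. Whether
    // that is safe depends entirely on how SimpleSearch::sql_expr() quotes the
    // keyword; the filter above removes quotes but leaves backslashes - confirm.
    $where=$search->sql_expr(array("m.title","m.description"));

    // Clamp to page 1: a negative page would otherwise yield a negative OFFSET.
    $page=(int)$this->_request->getParam('page');
    if ($page < 1) $page=1;
    $offset=$this->limit*($page-1);

    $row=$this->db->fetchAll("select count(s.*) from mdstatus s left join normalmetadata m on s.uuid=m.uuid where s.status>0 and ".$where);
    $sum=$row[0]['count'];
    $sql="select m.uuid,m.title,m.id,m.description,s.status,g.id as gid,t.filename from mdstatus s left join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status>0 and ".$where." order by s.ts_created desc,m.title limit ? offset ?";
    $records=$this->db->fetchAll($sql,array($this->limit,$offset));

    // Attach the human-readable status label to every row.
    foreach($records as $k=>$v)
    {
        $records[$k]['statustext']=$this->rewritestatus($v['status']);
    }
    $this->view->metadata=$records;
    $this->view->page=new Pagination($sum,$page,$this->limit);
    $this->view->key=$key;
}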
/**
 * Help page: loads the archive entry that explains the metadata review
 * process and passes it to the view.
 */
function helpAction()
{
    $archiveStore = new Archive($this->db);
    $helpItem = $archiveStore->getOneArchive('元数据评审说明','help');
    $this->view->item = $helpItem;
    $this->view->pageID = "review-help";
}
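/**
 * Lists the attachments of one review comment (AJAX); echoes an HTML fragment.
 *
 * Request parameter: id, the id of the review comment.
 *
 * NOTE(review): no login or ownership check is made here, so the attachment
 * names of any review can be listed by id - confirm this is intended.
 */
function attlistAction()
{
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender();
    // The id was written unquoted into the SQL and unescaped into the onclick
    // handler below. Forcing it to an integer closes both the SQL injection
    // and the reflected script injection.
    $rid = (int)$this->_request->getParam('id');

    $list = array();
    $list[]= '
<li style="border:none">
附件列表:
<span><a href="javascript:void(0);" onclick="$(\'#filelist_'.$rid.' ul\').remove();">[关闭]</a></span>
</li>
';
    $sql = "select att.realname,att.id,att.filesize from attachments att
        left join mdreviewattach ratt on ratt.attachid = att.id
        where ratt.reviewid = ?";
    $rs = $this->db->query($sql,array($rid));
    $rows = $rs->fetchAll();
    foreach($rows as $k=>$v)
    {
        // Human-readable size: MB above one mebibyte, KB otherwise.
        if($v['filesize'] > 1024*1024)
        {
            $size = round($v['filesize']/1024/1024,2) . "MB";
        }
        else
        {
            $size = round($v['filesize']/1024,2) . "KB";
        }
        // realname is the name supplied at upload time: escape it for HTML.
        $name = htmlspecialchars((string)$v['realname'], ENT_QUOTES, 'UTF-8');
        $list[] = '
<li>'.$name.' &nbsp;('.$size.')
<span><a href="/review/downatt/id/'.(int)$v['id'].'" target="_blank">下载</a></span>
</li>
';
    }
    if(count($rows)>0)
    {
        echo "<ul>".join('',$list)."</ul>";
    }else{
        echo "无附件";
    }
    exit();
}// review attachment list (AJAX)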
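/**
 * Sends a review attachment as a download.
 *
 * Request parameter: id, the attachment id. Requires a logged-in user.
 * The Content-Type is chosen from the file extension. Errors are reported
 * as a complete HTML page because the response is opened in a new window.
 *
 * NOTE(review): any logged-in user can fetch any attachment by id; there is
 * no check that the user may see the review it belongs to - confirm.
 * NOTE(review): the stored filename is appended to the upload directory as
 * is; this assumes the column never holds path separators or ".." - confirm.
 */
function downattAction(){
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender();
    $id = $this->_request->getParam('id');

    // Shared frame of the error page; only the message between the parts differs.
    $pageHead = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>错误提示!</title></head><body>';
    $pageTail = '</body></html>';

    $auth = Zend_Auth::getInstance();
    if(!$auth->hasIdentity())
    {
        echo $pageHead.'读取用户信息出错,请先登录再下载附件重试'.$pageTail;
        exit();
    }

    try{
        // id is request input: bind it instead of interpolating it.
        $re = $this->db->query("select * from attachments where id=?",array($id));
        $row = $re->fetch();
        // An unknown id used to fall through with an empty filename, which made
        // the path point at the upload directory itself.
        if(!$row)
        {
            echo $pageHead.'文件读取出错,请稍后重试'.$pageTail;
            exit();
        }
        $fullPath = $this->view->config->upload.$row['filename'];
        // is_file() rather than file_exists(): a directory is not a download.
        if(!is_file($fullPath))
        {
            echo $pageHead.'文件读取出错,请稍后重试'.$pageTail;
            exit();
        }
        $fsize = filesize($fullPath);
        $path_parts = pathinfo($fullPath);
        $ext = isset($path_parts["extension"]) ? strtolower($path_parts["extension"]) : '';
        switch ($ext) {
            case "pdf": $ctype="application/pdf"; break;
            case "exe": $ctype="application/octet-stream"; break;
            case "zip": $ctype="application/zip"; break;
            case "doc": $ctype="application/msword"; break;
            case "xls": $ctype="application/vnd.ms-excel"; break;
            case "ppt": $ctype="application/vnd.ms-powerpoint"; break;
            case "gif": $ctype="image/gif"; break;
            case "png": $ctype="image/png"; break;
            case "jpeg":
            case "jpg": $ctype="image/jpg"; break;
            default: $ctype="application/force-download";
        }
        $content=file_get_contents($fullPath);

        // realname was supplied by the uploader: drop the characters that could
        // break out of the quoted filename or start a new header line.
        $downloadName = str_replace(array('"',"\\","\r","\n"),'',(string)$row['realname']);

        $this->getResponse()->setHeader('Content-Type', 'application/octet-stream')
            ->setHeader('Content-Disposition','attachment; filename="'.$downloadName.'"')
            ->setHeader('Content-Length', $fsize)
            ->setHeader('Content-Type','application/force-download')
            ->setHeader('Content-Type','application/download')
            ->setHeader('Content-Type',$ctype)
            ->setHeader('Content-Description','File Transfer')
            ->setHeader('Content-Transfer-Encoding','binary')
            ->setHeader('Expires',0)
            ->setHeader('Cache-Control','must-revalidate, post-check=0, pre-check=0')
            ->setHeader('Pragma','public')
            ->setBody($content);

        // Count the download, keyed on the id read back from the database
        // rather than on the raw request value.
        $this->db->query(
            "update attachments set downtimes=downtimes+1 where id=?",
            array($row['id'])
        );
    }catch(Exception $e){
        echo $pageHead.'文件读取出错,请稍后重试'.$pageTail;
        exit();
    }
}// downattAction: download an attachment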
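/**
 * An invited expert declines a review invitation.
 *
 * Request parameters: id (user id) and uuid (metadata UUID).
 * The invitation e-mail sent to the expert contains the link
 * /review/denyinvite/id/{userid}/uuid/{uuid}. The update only runs when the
 * logged-in user is the user named in the link.
 *
 * NOTE(review): the state change is triggered by a plain GET link with no
 * token, so a logged-in expert who follows a crafted link declines an
 * invitation - confirm this is acceptable.
 */
function denyinviteAction()
{
    $id = $this->_request->getParam('id');
    $uuid = $this->_request->getParam('uuid');
    // \z instead of $: "$" also matches before a trailing newline.
    $uuidPattern = "/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}\\z/";
    if(empty($id) || empty($uuid) || !is_numeric($id) || !preg_match($uuidPattern,$uuid))
    {
        $this->view->message = "参数错误";
        return;
    }

    $auth = Zend_Auth::getInstance();
    if(!$auth->hasIdentity())
    {
        // not logged in
        $this->view->message = '请登录后再执行此操作,请<a href="/account/login/?href=/review/denyinvite/id/'.$id.'/uuid/'.$uuid.'">点击此处登录</a>';
        return;
    }

    $userid = $auth->getIdentity()->id;
    if($id!=$userid)
    {
        // someone else's link, or an attempt to change another user's invitation
        $this->view->message = "您无权使用此通知";
        return;
    }

    try{
        // Bind the session's own user id and the uuid instead of interpolating request values.
        $changed = $this->db->query(
            "update mdexpertreview set status=-1 where id=? and uuid=?",
            array($userid,$uuid)
        )->rowCount();
        if($changed)
            $this->view->message = "您已经拒绝该元数据的评审邀请";
        else
            $this->view->message = "您无权限进行此操作";
    }catch(Exception $e){
        // Keep database error details out of the page; log them instead.
        error_log($e->getMessage());
        $this->view->message = "处理出错,请重试";
    }
}// denyinviteAction(): expert declines the invitation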
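/**
 * An invited expert accepts a review invitation.
 *
 * Request parameters are the same as for denyinviteAction: id (user id) and
 * uuid (metadata UUID). The update only runs when the logged-in user is the
 * user named in the link.
 *
 * NOTE(review): the state change is triggered by a plain GET link with no
 * token - confirm this is acceptable.
 */
function inviteokAction()
{
    $id = $this->_request->getParam('id');
    $uuid = $this->_request->getParam('uuid');
    // \z instead of $: "$" also matches before a trailing newline.
    $uuidPattern = "/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}\\z/";
    if(empty($id) || empty($uuid) || !is_numeric($id) || !preg_match($uuidPattern,$uuid))
    {
        $this->view->message = "参数错误";
        return;
    }

    $auth = Zend_Auth::getInstance();
    if(!$auth->hasIdentity())
    {
        // not logged in
        $this->view->message = '请登录后再执行此操作,请<a href="/account/login/?href=/review/inviteok/id/'.$id.'/uuid/'.$uuid.'">点击此处登录</a>';
        return;
    }

    $userid = $auth->getIdentity()->id;
    if($id!=$userid)
    {
        // someone else's link, or an attempt to change another user's invitation
        $this->view->message = "您无权使用此通知";
        return;
    }

    try{
        // Bind the session's own user id and the uuid instead of interpolating request values.
        $changed = $this->db->query(
            "update mdexpertreview set status=1 where id=? and uuid=?",
            array($userid,$uuid)
        )->rowCount();
        if($changed)
            $this->view->message = "感谢您同意对该数据的评审邀请,如遇到任何问题,请联系数据中心服务人员。";
        else
            $this->view->message = "您无权限进行此操作";
    }catch(Exception $e){
        // Keep database error details out of the page; log them instead.
        error_log($e->getMessage());
        $this->view->message = "处理出错,请重试";
    }
}// inviteokAction(): expert accepts the invitation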
}